﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data;

namespace Maticsoft.Web
{
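    /// <summary>
    /// Base page for the site's pages: copies the signed-in user's identity from
    /// session state into protected fields and offers the <c>Check</c> helpers that
    /// redirect callers who are not signed in or have no matching permission row.
    /// </summary>
    /// <remarks>
    /// Nothing in this class runs an access check automatically; <c>OnInit</c> only
    /// loads the fields. A derived page is protected only if it calls one of the
    /// <c>Check</c> overloads itself.
    /// </remarks>
    public class PageBase : System.Web.UI.Page
    {
        // Identity values copied from session state in OnInit. All four stay empty
        // unless every one of the corresponding session keys is present.
        protected string UserId = string.Empty;
        protected string ManagerName = string.Empty;
        protected string GroupName = string.Empty;
        protected string GroupId = string.Empty;

        public PageBase()
        { }

        /// <summary>
        /// Loads UserId, ManagerName, GroupName and GroupId from session state.
        /// </summary>
        /// <param name="e">Event data passed through to the base implementation.</param>
        protected override void OnInit(EventArgs e)
        {
            base.OnInit(e);
            if (this.DesignMode)
            {
                return;
            }

            // Page.Session throws when session state is unavailable, so probe the
            // context first instead of touching the property directly.
            System.Web.HttpContext context = System.Web.HttpContext.Current;
            if (context == null || context.Session == null)
            {
                return;
            }

            object userId = Session["UserId"];
            object managerName = Session["ManagerName"];
            object groupName = Session["GroupName"];
            object groupId = Session["GroupId"];

            // All-or-nothing: a partially populated session is treated the same as
            // no session, which leaves the fields empty and makes Check() redirect.
            if (userId == null || managerName == null || groupName == null || groupId == null)
            {
                return;
            }

            UserId = userId.ToString();
            ManagerName = managerName.ToString();
            GroupName = groupName.ToString();
            GroupId = groupId.ToString();
        }

        /// <summary>
        /// Removes the characters <c>'</c>, <c>%</c> and <c>;</c> from a string.
        /// </summary>
        /// <remarks>
        /// This is a character blacklist, not a complete defence against SQL injection:
        /// it does nothing for values placed in a numeric (unquoted) position and leaves
        /// other metacharacters untouched. Prefer parameterized queries wherever the
        /// data layer offers them.
        /// </remarks>
        /// <param name="str">Text to filter; <c>null</c> is treated as empty.</param>
        /// <returns>The filtered text, or an empty string for <c>null</c> input.</returns>
        protected string SqlFilter(string str)
        {
            if (str == null)
            {
                return string.Empty;
            }

            return str.Replace("'", "").Replace("%", "").Replace(";", "");
        }

        /// <summary>
        /// Permission check: redirects to the no-permission notice page when the current
        /// user has no permission row for the given module and operation, and to the
        /// login page when no user is signed in.
        /// </summary>
        /// <param name="module">Module name.</param>
        /// <param name="operation">Operation name.</param>
        protected void Check(string module, string operation)
        {
            if (string.IsNullOrEmpty(UserId))
            {
                Response.Redirect("../Login.aspx");
                return;
            }

            // Group "1" skips the permission lookup entirely.
            // NOTE(review): presumably the administrator group; confirm.
            if (GroupId == "1")
            {
                return;
            }

            // UserId is placed unquoted into the filter below, so it must be purely
            // numeric. Anything else is treated as an invalid session (fail closed).
            if (!IsAllDigits(UserId))
            {
                Response.Redirect("../Login.aspx");
                return;
            }

            // GetList takes a raw filter string, so the values cannot be bound as
            // parameters here; quotes are doubled so a value cannot close its literal.
            // NOTE(review): assumes a database that does not treat backslash as an
            // escape inside string literals; confirm for the deployed engine.
            string filter = "UserId=" + UserId
                + " and ModelName='" + EscapeSqlLiteral(module)
                + "' and Operation='" + EscapeSqlLiteral(operation) + "'";

            BLL.Permission bll = new BLL.Permission();
            DataSet ds = bll.GetList(filter);

            // A missing result set is handled as "no permission" rather than an error.
            if (ds == null || ds.Tables.Count == 0 || ds.Tables[0].Rows.Count == 0)
            {
                // The single-argument Redirect ends the response, so the rest of the
                // page does not run for a denied request.
                Response.Redirect("../NoPermission.aspx");
            }
        }

        /// <summary>
        /// Login check: redirects to the login page unless the session identity is
        /// fully populated.
        /// </summary>
        protected void Check()
        {
            // Group "3" is rejected together with missing identities.
            // NOTE(review): the meaning of group "3" is not visible in this file.
            // NOTE(review): this overload redirects to "Login.aspx" while the other
            // uses "../Login.aspx"; confirm both resolve correctly for their callers.
            bool missingIdentity = string.IsNullOrEmpty(UserId)
                || string.IsNullOrEmpty(ManagerName)
                || string.IsNullOrEmpty(GroupName);

            if (missingIdentity || GroupId == "3")
            {
                Response.Redirect("Login.aspx");
            }
        }

        // True when the value is non-empty and consists only of ASCII digits.
        private static bool IsAllDigits(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return false;
            }

            foreach (char c in value)
            {
                if (c < '0' || c > '9')
                {
                    return false;
                }
            }

            return true;
        }

        // Doubles single quotes so the value stays inside a quoted SQL string literal.
        private static string EscapeSqlLiteral(string value)
        {
            if (value == null)
            {
                return string.Empty;
            }

            return value.Replace("'", "''");
        }
    }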
}